[ubuntu/bionic-proposed] pam 1.1.8-3.6ubuntu1 (Accepted)
Steve Langasek
steve.langasek at ubuntu.com
Sat Mar 17 04:33:20 UTC 2018
pam (1.1.8-3.6ubuntu1) bionic; urgency=medium
* Merge with Debian unstable.
- Fixes unescaped brace in pam_getenv regex. LP: #1538284.
- Fixes pam_namespace defaults for compatibility with dash. LP: #1081323.
* Remaining changes:
- debian/control: have libpam-modules recommend update-motd package
- debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
not present there or in /etc/security/pam_env.conf. (should send to
Debian).
- debian/libpam0g.postinst: only ask questions during update-manager when
there are non-default services running.
- debian/libpam0g.postinst: check if gdm is actually running before
trying to reload it.
- debian/libpam0g.postinst: the init script for 'samba' is now named
'smbd' in Ubuntu, so fix the restart handling.
- debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
initialise RLIMIT_NICE rather than relying on the kernel limits.
- debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
Deprecate pam_unix's explicit "usergroups" option and instead read it
from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
there. This restores compatibility with the pre-PAM behaviour of login.
- debian/patches-applied/pam_motd-legal-notice: display the contents of
/etc/legal once, then set a flag in the user's homedir to prevent
showing it again.
- debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
for update-motd, with some best practices and notes of explanation.
- debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
to update-motd(5)
- debian/local/common-session{,-noninteractive}: Enable pam_umask by
default, now that the umask setting is gone from /etc/profile.
- debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
- debian/patches-applied/extrausers.patch: Add a pam_extrausers module
that is basically just a copy of pam_unix but looks at
/var/lib/extrausers/{group,passwd,shadow} instead of /etc/
- debian/libpam-modules-bin.install: install the helper binaries for
pam_extrausers to /sbin
- debian/rules: Make pam_extrausers_chkpwd sguid shadow
- pam-configs/mkhomedir: Added a config for pam_mkhomedir, disabled
by default.
- don't notify about xdm restarts during a release-upgrade
- debian/patches-applied/cve-2015-3238.patch: removed manpage changes
so they don't get regenerated during build and cause a multiarch
installation issue.
* Dropped changes, included in Debian:
- Build-depend on libfl-dev.
- debian/patches-applied/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE.
* Fix references to /var/run in update-motd.5. LP: #1571864
* Fix service restart handling to integrate with systemd instead of
upstart.
pam (1.1.8-3.6) unstable; urgency=medium
* Non-maintainer upload.
* cve-2015-3238.patch: Add the changes in the generated pam_exec.8
and pam_unix.8 in addition to (and after) the changes to the
source .xml files. This avoids unwanted rebuilds that can cause
problems due to differing files on different architectures of
the Multi-Arch: same libpam-modules. (Closes: #851545)
pam (1.1.8-3.5) unstable; urgency=medium
* Non-maintainer upload.
* Build-Depend on libfl-dev:native as well, for cross builds.
Re-closes: #846459
* Fix "Unescaped left brace in regex" with Perl 5.22. Closes: #810873
pam (1.1.8-3.4) unstable; urgency=medium
* Non-maintainer upload.
* Add libfl-dev to Build-Depends, fixing FTBFS. Closes: #846459
* Move xsl stuff to Build-Depends from -Indep to fix misbuilt manpages.
Closes: #812566
pam (1.1.8-3.3) unstable; urgency=low
* Non-maintainer upload.
[ Steve Langasek ]
* Updated Swedish translation to correct a typo, thanks to Anders Jonsson
and Martin Bagge. Closes: #743875
* Updated Turkish translation, thanks to Mert Dirik <mertdirik at gmail.com>.
(closes: #756756)
* d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE. Thanks to Robie Basak
<robie.basak at ubuntu.com> for the patch. Closes: #783105.
* Acknowledge security NMU.
* pam-auth-update: don't mishandle trailing whitespace in profiles.
LP: #1487103.
[ Laurent Bigonville ]
* debian/control: Fix Vcs-* and Homepage fields (Closes: #752343)
* debian/watch: Update watch file and point it to http://www.linux-pam.org
* debian/patches-applied/pam_namespace_fix_bashism.patch: Fix bashism in
namespace.init script (Closes: #624842)
* debian/control: Build-depends against debhelper (>= 9) to match the
defined debhelper compatibility
* Rename the cve-2011-4708.patch to cve-2010-4708.patch to match reality,
thanks to Jakub Wilk <jwilk at debian.org> for noticing (Closes: #761594)
* debian/control: Bump Standards-Version to 3.9.8 (no further changes)
* debian/libpam-doc.doc-base.applications-guide: Fix spelling
* debian/libpam0g-dev.examples: Do not use shell brace expansion
* debian/patches-applied/pam-loginuid-in-containers: Updated with the version
from Ubuntu, this should fix logins in containers (Closes: #726661)
* debian/patches-applied/update-motd: Updated with the version from Ubuntu:
use /run/motd.dynamic instead of /var/run/motd, nothing in the archive
uses the later (Closes: #743286)
* debian/patches-applied/make_documentation_reproducible.patch: Make the
build reproducible, removes differences when building with different
locale values (Closes: #792127)
Date: Thu, 26 Oct 2017 23:23:18 -0700
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/pam/1.1.8-3.6ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 26 Oct 2017 23:23:18 -0700
Source: pam
Binary: libpam0g libpam-modules libpam-modules-bin libpam-runtime libpam0g-dev libpam-cracklib libpam-doc
Architecture: source
Version: 1.1.8-3.6ubuntu1
Distribution: bionic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Langasek <steve.langasek at ubuntu.com>
Description:
libpam-cracklib - PAM module to enable cracklib support
libpam-doc - Documentation of PAM
libpam-modules - Pluggable Authentication Modules for PAM
libpam-modules-bin - Pluggable Authentication Modules for PAM - helper binaries
libpam-runtime - Runtime support for the PAM library
libpam0g - Pluggable Authentication Modules library
libpam0g-dev - Development files for PAM
Closes: 624842 726661 743286 743875 752343 756756 761594 783105 792127 810873 812566 846459 851545
Launchpad-Bugs-Fixed: 1081323 1487103 1538284 1571864
Changes:
pam (1.1.8-3.6ubuntu1) bionic; urgency=medium
.
* Merge with Debian unstable.
- Fixes unescaped brace in pam_getenv regex. LP: #1538284.
- Fixes pam_namespace defaults for compatibility with dash. LP: #1081323.
* Remaining changes:
- debian/control: have libpam-modules recommend update-motd package
- debian/libpam-modules.postinst: Add PATH to /etc/environment if it's
not present there or in /etc/security/pam_env.conf. (should send to
Debian).
- debian/libpam0g.postinst: only ask questions during update-manager when
there are non-default services running.
- debian/libpam0g.postinst: check if gdm is actually running before
trying to reload it.
- debian/libpam0g.postinst: the init script for 'samba' is now named
'smbd' in Ubuntu, so fix the restart handling.
- debian/patches-applied/ubuntu-rlimit_nice_correction: Explicitly
initialise RLIMIT_NICE rather than relying on the kernel limits.
- debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
Deprecate pam_unix's explicit "usergroups" option and instead read it
from /etc/login.def's "USERGROUP_ENAB" option if umask is only defined
there. This restores compatibility with the pre-PAM behaviour of login.
- debian/patches-applied/pam_motd-legal-notice: display the contents of
/etc/legal once, then set a flag in the user's homedir to prevent
showing it again.
- debian/update-motd.5, debian/libpam-modules.manpages: add a manpage
for update-motd, with some best practices and notes of explanation.
- debian/patches/update-motd-manpage-ref: add a reference in pam_motd(8)
to update-motd(5)
- debian/local/common-session{,-noninteractive}: Enable pam_umask by
default, now that the umask setting is gone from /etc/profile.
- debian/local/pam-auth-update: Add the new md5sums for pam_umask addition.
- debian/patches-applied/extrausers.patch: Add a pam_extrausers module
that is basically just a copy of pam_unix but looks at
/var/lib/extrausers/{group,passwd,shadow} instead of /etc/
- debian/libpam-modules-bin.install: install the helper binaries for
pam_extrausers to /sbin
- debian/rules: Make pam_extrausers_chkpwd sguid shadow
- pam-configs/mkhomedir: Added a config for pam_mkhomedir, disabled
by default.
- don't notify about xdm restarts during a release-upgrade
- debian/patches-applied/cve-2015-3238.patch: removed manpage changes
so they don't get regenerated during build and cause a multiarch
installation issue.
* Dropped changes, included in Debian:
- Build-depend on libfl-dev.
- debian/patches-applied/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE.
* Fix references to /var/run in update-motd.5. LP: #1571864
* Fix service restart handling to integrate with systemd instead of
upstart.
.
pam (1.1.8-3.6) unstable; urgency=medium
.
* Non-maintainer upload.
* cve-2015-3238.patch: Add the changes in the generated pam_exec.8
and pam_unix.8 in addition to (and after) the changes to the
source .xml files. This avoids unwanted rebuilds that can cause
problems due to differing files on different architectures of
the Multi-Arch: same libpam-modules. (Closes: #851545)
.
pam (1.1.8-3.5) unstable; urgency=medium
.
* Non-maintainer upload.
* Build-Depend on libfl-dev:native as well, for cross builds.
Re-closes: #846459
* Fix "Unescaped left brace in regex" with Perl 5.22. Closes: #810873
.
pam (1.1.8-3.4) unstable; urgency=medium
.
* Non-maintainer upload.
* Add libfl-dev to Build-Depends, fixing FTBFS. Closes: #846459
* Move xsl stuff to Build-Depends from -Indep to fix misbuilt manpages.
Closes: #812566
.
pam (1.1.8-3.3) unstable; urgency=low
.
* Non-maintainer upload.
[ Steve Langasek ]
* Updated Swedish translation to correct a typo, thanks to Anders Jonsson
and Martin Bagge. Closes: #743875
* Updated Turkish translation, thanks to Mert Dirik <mertdirik at gmail.com>.
(closes: #756756)
* d/applied-patches/pam-limits-nofile-fd-setsize-cap: cap the default
soft nofile limit read from pid 1 to FD_SETSIZE. Thanks to Robie Basak
<robie.basak at ubuntu.com> for the patch. Closes: #783105.
* Acknowledge security NMU.
* pam-auth-update: don't mishandle trailing whitespace in profiles.
LP: #1487103.
.
[ Laurent Bigonville ]
* debian/control: Fix Vcs-* and Homepage fields (Closes: #752343)
* debian/watch: Update watch file and point it to http://www.linux-pam.org
* debian/patches-applied/pam_namespace_fix_bashism.patch: Fix bashism in
namespace.init script (Closes: #624842)
* debian/control: Build-depends against debhelper (>= 9) to match the
defined debhelper compatibility
* Rename the cve-2011-4708.patch to cve-2010-4708.patch to match reality,
thanks to Jakub Wilk <jwilk at debian.org> for noticing (Closes: #761594)
* debian/control: Bump Standards-Version to 3.9.8 (no further changes)
* debian/libpam-doc.doc-base.applications-guide: Fix spelling
* debian/libpam0g-dev.examples: Do not use shell brace expansion
* debian/patches-applied/pam-loginuid-in-containers: Updated with the version
from Ubuntu, this should fix logins in containers (Closes: #726661)
* debian/patches-applied/update-motd: Updated with the version from Ubuntu:
use /run/motd.dynamic instead of /var/run/motd, nothing in the archive
uses the later (Closes: #743286)
* debian/patches-applied/make_documentation_reproducible.patch: Make the
build reproducible, removes differences when building with different
locale values (Closes: #792127)
Checksums-Sha1:
e85d76b935dbfbf306f44a1976b62d326542f876 2761 pam_1.1.8-3.6ubuntu1.dsc
7f30e333bd22fed84a8ef1758066035d128a515b 203244 pam_1.1.8-3.6ubuntu1.diff.gz
78c01f1d2677d756a96e46a562208cd3e1edb814 7077 pam_1.1.8-3.6ubuntu1_source.buildinfo
Checksums-Sha256:
9ac79dd9a14f1a7cdd9f222c3e18f5135f39ad568bbc95445334b83ebc7d7190 2761 pam_1.1.8-3.6ubuntu1.dsc
483534b012f7a45f721598ce18626ddd1fe3dc353a5773f29d8da44f1034a1f6 203244 pam_1.1.8-3.6ubuntu1.diff.gz
7b1972fb7f4ae794de11ed3fcca227b5dc91af6a1d84658fac88c771f8c7b2e7 7077 pam_1.1.8-3.6ubuntu1_source.buildinfo
Files:
0ee6d4e640a1d1e3dba73144643940bc 2761 libs optional pam_1.1.8-3.6ubuntu1.dsc
162658dbf46665ef91ed427f80e80091 203244 libs optional pam_1.1.8-3.6ubuntu1.diff.gz
a216da09ad3a8c2e8d42fa53b3e371bc 7077 libs optional pam_1.1.8-3.6ubuntu1_source.buildinfo
Original-Maintainer: Steve Langasek <vorlon at debian.org>
-----BEGIN PGP SIGNATURE-----
iQI3BAEBCgAhBQJarJIKGhxzdGV2ZS5sYW5nYXNla0B1YnVudHUuY29tAAoJEFaN
MPMhshM99E8P/R6f/UODnChduH/zUG+ZDkRlGDBTqmFIMZFSGamFojTr4L2RVYia
oOg+rPxkROnVjIUSjlb9mHDoI/XI5Dc5cvdZ8uHE0cqGz9gD/lH5rmufA+495ro5
rcLiiBHI9UOPCRPnrER1Mv6g0hb8jUgJtNvFXuvOnzjAhSLjRMpkfc/4Toz6iKjH
7nT1TtWXfZqyj0wXuq4qJyDg2LAnZqPUzD+SxUXAgsxzU8XHbbMxm8XPZKuDYcSp
LzlWfDRZSDLvQ6tWDq3jddnNM8nanDQN9nFh1vdoWzBR4fQcis0JqegXBhCiAyY2
sQxG2P0RqgLt7ir3MEmEQIBs3ApvksfOtVa0BDo9KrrFldBTHtr3HnvPt9cAjbYR
NKLzkaAZ6V/j1D+N12FCrz2uS4dPgUFhTdnkw4o66hk0NYbsWYLS7dypNPWzRyGD
1UsxhHlm/sjr8Dy7OgdH8MFGMd7Lw8RdDPeNLI9g2m6KzWrMKbgaFXTXRprhP8D9
57lEyrZTsE1rSjCA/R0B+YBpulfgvfBbgoNsiZT2tlCgmu0K02uSi8Cw1MIV09jl
0CsQCkZIE2mTxflBv3Gk3sxXoo1aa/TMK3bNG3KL3f09v6rIiANHI55y9SdiHQM/
y1DwGQOyNZH+NihtngIJUhBGdA1ZEwR0ZctEA0pYpqN976u7vZQ8PGr4
=67o/
-----END PGP SIGNATURE-----
More information about the Bionic-changes
mailing list